data loss is a growing risk managed file transfer can help
Download
Skip this Video
Download Presentation
Data Loss Is a Growing Risk… Managed File Transfer Can Help

Loading in 2 Seconds...

play fullscreen
1 / 24

Data Loss Is a Growing Risk… Managed File Transfer Can Help - PowerPoint PPT Presentation


  • 144 Views
  • Uploaded on

Data Loss Is a Growing Risk… Managed File Transfer Can Help. Tony Perri, CISSP Solutions Architect Ipswitch File Transfer. Data loss is a growing risk. Companies are collecting, storing, and transferring more and more data. Collecting Data:

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Data Loss Is a Growing Risk… Managed File Transfer Can Help' - haru


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
data loss is a growing risk managed file transfer can help

Data Loss Is a Growing Risk…Managed File Transfer Can Help

Tony Perri, CISSP

Solutions Architect

Ipswitch File Transfer

data loss is a growing risk
Data loss is a growing risk
  • Companies are collecting, storing, and transferring more and more data.
    • Collecting Data:
      • How many times have you filled out a Web form with personal information such as your name, address, date of birth, phone number, credit card number, etc.
    • Storing Data:
      • This data is “king” for companies looking to better understand their customers and their markets, so this data is stored and subsequently analyzed.
    • Transferring Data:
      • The “pace” of business has increased, so data must be transferred quickly between internal and external people and systems.

www.IpswitchFT.com

data is most vulnerable during transfer
Data is most vulnerable during transfer
  • Technology focus has been on minimizing the risk of data loss during collection and storage.
  • Technology for protecting data during transfer is available, but adoption is not keeping pace with the threats.

www.IpswitchFT.com

the information visibility problem
The Information Visibility Problem
  • Companies are failing to secure and manage the flow of sensitive information moving internally and externally:
    • 65 percent of companies surveyed have no visibility into files and data leaving their organizations.
    • 52 percent have no real visibility into internal file transfers.
    • Only 19 percent say they have complete visibility into files and data moving inside and outside their organization.

www.IpswitchFT.com

the external device problem
The External Device Problem
  • Increased reliance on external devices in the workplace is partly to blame:
    • More than 80 percent of IT executives admitted to using easily lost or stolen external devices like USB drives, smartphones and tablets to move and backup confidential work files.
    • 57 percent save work files to external devices at least once a week, a major security and compliance concern for businesses.

www.IpswitchFT.com

the email security problem
The Email Security Problem
  • More than 75 percent of IT executives surveyed send classified files and information via email attachments.
    • 26 percent of employees use personal email instead of work accounts to mask file transfer activity from management.

www.IpswitchFT.com

the policy and tool enforcement problem
The Policy and Tool Enforcement Problem
  • Creating policies and providing tools simply isn’t enough…. It’s the enforcement of that policy and tool that is the critical step.
    • 55 percent said their companies provide – but do not enforce – policies and tools around sharing sensitive information

www.IpswitchFT.com

wikileaks fails to drive preventive it action
WikiLeaks Fails to Drive Preventive IT Action
  • In wake of one of the most revealing breaches in U.S. history, most companies are not taking the risks of losing business-critical information seriously.
    • 43 percent of companies ignored the business implications of WikiLeaks altogether.
    • Only 16 percent of companies implemented new policies and tools to protect against similar breaches.
    • Slightly less than 30 percent of companies discussed the implications with employees, but made no major changes to the way information is shared or protected.

www.IpswitchFT.com

2011 information technology priorities
2011 Information Technology Priorities
  • While many companies are still struggling to protect business-critical information, executives say that they’re making it a priority for 2011. Of the IT executives surveyed at the 2011 RSA Conference:
    • 40 percent ranked protecting sensitive information as a top priority in 2011.
    • 25 percent said securing cloud computing is important.
    • 20 percent said that managing the flow of information internally and externally is critical.

www.IpswitchFT.com

employees will do what is necessary
Employees will do what is necessary
  • Employees have proven that they will do whatever it takes to get their job done, with or without IT.
  • Employees whose job requires them to send information to other people such as co-workers, partners, vendors or customers have thousands of options at their disposal.
    • Personal email account
    • USB drive
    • Social media site
    • CD/DVD’s sent via courier

www.IpswitchFT.com

risk is to the business
Risk is to the Business
  • File transfer supports core business processes
    • Ordering, claims processing, supply chain management, health care, financial transactions.
  • Data loss means
    • Orders don’t ship, claims don’t get processed, supplies don’t arrive, health care records are unavailable, and financial debits/credits don’t occur.
  • Compliance Threatened

www.IpswitchFT.com

costs to the business
Costs to the Business
  • Data loss incurs additional costs:
    • Average total per-incident costs in 2008 were $6.65 million
    • Average cost per data record in 2008 was $202

2008 Annual Study: Cost of a Data Breach, Ponemon Institute 20 February 2009

  • Lost Revenue
  • Penalties
  • Damaged reputation

www.IpswitchFT.com

it needs
IT Needs…
  • IT needs solutions to:
    • Enable person-to-person, person-to-system and system-to-system file transfers
    • Create and enforce policies and rules that manage those file transfers
    • Encrypt transfers
    • Provide visibility into all data interactions
    • Enable compliance

www.IpswitchFT.com

mft capabilities
MFT Capabilities
  • Protocols
    • FTP, FTPS, SFTP, HTTP, HTTPS, AS1/2/3
  • Encryption
    • SSL/TLS, SSH, AES, PGP, S/MIME, PKI, SHA
    • Provide Confidentiality and Integrity
  • Access Control
    • Control who has access to what data
    • Least-Privileged
  • Auditing, Logging and Reporting
    • Track every activity associated with transferring a file
  • Automation, scheduling, workflow
    • Provide Availability

www.IpswitchFT.com

visibility
Visibility

1. Provide visibility into all file and data transfer interactions, including files, events, people, policies & processes

www.IpswitchFT.com

management
Management

2. Manage, provision, and automate all file interactions, both internal and external to the company, organization or domain

www.IpswitchFT.com

enforcement
Enforcement

3. Create and enforce administrator defined policies & rules

  • Server access rules
  • Security policies
  • Password policy
  • IP and user lockout rules
  • File extension rules
  • Domain rules
  • Encryption policy
  • Delivery notification rules
  • File size limitations
  • File expiration rules
  • Max server bandwidth (# files, storage space)
  • Max number of files that can be sent at a time
  • Max # of downloads
  • Multi-factor authentication
  • Guaranteed delivery
  • File Integrity
  • Non-repudiation

www.IpswitchFT.com

real world business problems
Real World Business Problems
  • Needs
  • Challenges

www.IpswitchFT.com

two frequent scenarios
Two frequent scenarios
  • Regularly scheduled reoccurring transfers
    • Replace legacy or home-grown systems
  • Ad-Hoc person-to-person interactions
    • Send large or large sensitive data

www.IpswitchFT.com

classic bulk data transfer
Classic “bulk data transfer”
  • Used by Financial, Insurance and Health Care for years
  • Primarily B2B (not transactions)
  • Legacy Data Comm, FTP, MFT
  • Regularly scheduled, re-occurring transfers
  • Highly structured
  • Need
    • Encryption
    • Efficient on-boarding of partners and users
    • Policy Enforcement
    • Auditing and Reporting
    • Scheduling
    • SLA Monitoring
    • Sustainable key managment
    • Flexible deployment options (on-premises, hosted, hybrid)

www.IpswitchFT.com

ad hoc transfers
Ad-Hoc Transfers
  • One-time or short-duration interactions between internal users and external customers, partners, clients, etc.
  • Examples
    • Marketing needs to send large image files to a contractor
    • Software vendor needs to send a patch to a specific customer
  • Sometimes a replacement for anonymous ftp
  • Bi-directional
    • Mortgage originator needs sensitive financial information from an applicant

www.IpswitchFT.com

ad hoc transfers1
Ad-Hoc Transfers
  • Need
    • Encryption
    • Self-service user provisioning
    • Client-less access for internal and external users
    • TTL and Max Download policies
    • Auditing and Logging
    • Appropriate file size limits (or no limits)
    • Archival for e-Discovery purposes.
    • Flexible deployment options (on-premises, hosted, SaaS)

www.IpswitchFT.com

slide24
Q&A

For more information about Ipswitch File Transfer’s

solutions, call 608-824-3600 or email

[email protected]

www.IpswitchFT.com

ad